A. Field of Invention
The invention relates generally to the field of encryption and more particularly to an encryption system using hardware and algorithms for encryption.
B. Description of the Related Art
Laws currently exist which legally force users to divulge passwords for encrypted matter to authorities under a multitude of circumstances, from border-crossing examinations to judicial warrants. If an authority representative can prove the existence of encrypted data within a person's possession, then that person is compelled to release the decryption key or potentially face criminal sanctions. If an authority representative cannot prove the existence of encrypted or concealed data on a user's disk, then the user cannot be legally compelled to release the cryptographic key. This situation is described by the expression “plausible deniability”, a phrase used to describe the inability of authorities to prove the existence of encrypted data. With a lack of physical evidence, the presence of encrypted data cannot be proven and the user may plausibly deny that any such data exists, thereby avoiding the compulsion to divulge a password.
In many proposed solutions to the problem of plausible deniability regarding the presence of encrypted data on a secure volume, the bootloader with its leading bootsector contains unencrypted information that points to where encrypted data is stored and how it is encrypted, thus giving the presence of the encrypted data away. Traditionally, the bootloader is stored in the clear in an adjacent partition on the same disk as the encrypted information or volume. Note that this information alone isn't enough to decrypt the disk volume; however, it informs any investigative authority of the existence of concealed information on the same disk and plausible deniability is thereby forfeited. Upon request, the user can now be legally obliged to decrypt the data.
Ideally, an encrypted volume is easily movable, in a portable form such as a USB key. Furthermore, an element of physical hardware security, in addition to the logical security of encrypted hard drives, for example, adds security because the location of a physical component can be controlled by the user. Psychological security measures, although difficult to define, can also add further security.
One proposed solution is disclosed in US Publ. No. 2005/0031120 (Samid) describing the DNL cryptographic paradigm with ease of matching many plaintexts to a given cipher. Consequently, the cipher itself cannot betray the specific plaintext, which is lost in the large list of candidate plaintexts, all of which are decryption-generated from the ciphertext in order to maintain deniability. The related U.S. Pat. No. 6,823,068 (Samid) also describes an encryption method based on charting a path on a graph, where the graph is the encryption key, and wherein numerous plaintexts can be retrieved from a single ciphertext.
Another example is US Publ. No. 2008/0031459 (Voltz), which discloses a system for securing communications between networks with a trusted third party for managing keys and identities, and uses a unique key identifier and an associated key. This is a system having multiple computers and software keys which are subject to exploitation. A hardware solution, where the hardware can be physically removed and secured, in addition to software encryption offers a more secure system than software alone.
In light of the shortcomings of the prior art in this area, there is a need for a secure encrypted USB key operating system with a secure physical hardware component such as a dongle, as well as a need for a software encryption system which may be decrypted into one of two or more plaintexts, based on the key used.